Implement Domains and Trusts from ADDS to on premise AD
After you have deployed ADDS you may want to complete a domain trust to an existing on premise domain, this is currently not possible but would be great if it was released as this is a blocker for organisations.
S P commented
If you need feedback on why this is important, see this post which impacted one of your large Enterprise customers (10k+ employees). https://www.linkedin.com/pulse/choosing-right-managed-active-directory-solution-sekou-page
Harry Powell commented
Hey Mike, thanks for replying. In my company we had a requirement where we manage infrastructure for two companies - essentially a top level company and its subsidiary; that did not have any network connectivity no shared user space but wanted to collaborate and share certain applications between the businesses. Initially we decided to go down the O365 route (both companies identities syncing to a single tenant) in order to allow for address book collaboration etc.
However there was actual apps, hosted in an Azure subscription that we wanted both sets of users to use, and didnt really want to deploy the IAAS machines to build a domain and wanted to utilise the Azure AD footprint we already had, merely uplifting that to AADS, creating non-transitive forest trusts between our on-prem domain (at this time we still had direction from the business to not have any network connections between the environments).
I think AADS could have been a great tool to use, would have allowed us to consume more SAAS services in Azure, and is still something i think would be a great aide to businesses looking to take some of the management out of AD/Forest management, that want to use Azure to host a shared/bridging platform for their user bases like we did.
Please let me know if you would like to have a call or a further discussion about this with me.
Mike Stephens commented
Great Idea- What are the use cases, applications and any other relevant details you can share on how you would use Azure AD Domain Services as a trusted forest. Do you have any networking concerns-- for example what if it required an Express Route vs. Site-to-Site VPN?
Senior Program Manager
IAM Core | Domain Services
S P commented
Any updates on this?